Q
Manage Learn to apply best practices and optimize your operations.

# Cracking smaller messages

## Learn whether or not a smaller message is easier to crack and how encryption makes plaintext plausible. Also learn how to encrypt a message and why you should consider using a smaller key.

If a message is smaller, is it easier to decrypt?

A smaller message does in fact take less time to decrypt than a longer one, however, I think you meant crack, as...

in recover the plaintext of a message without the encryption key, and the answer is basically no. This is because good encryption makes any plaintext derived from a given ciphertext as plausible as any other.

One advantage of a small message is that it is easier to encrypt it by creating a random key that is the same size as the message. Matching the key and message lengths creates what's called a one-time pad. This uses character-by-character encryption, or stream ciphering. This type of cryptosystem is unbreakable, if used correctly. Let me give you an example. Suppose you encrypt your eight-digit bank account number. The length of this message may give an attacker a clue as to its content, but they won't know if they've cracked the message, since any of the 10^8 permutations of an eight-digit number could be correct. This is true for text-based messages as well. If I encrypted the message "Defuse bomb mission off," which is 23 characters long, with a one-time pad, an attacker wouldn't be able to determine whether "Detonate bombs at three" -- also 23 characters -- was the message I sent.

The problem with one-time pads is that you have to generate a new random key each time you send a message. This means creating, delivering, and securing large keys, which is very complex. Imagine if you wanted to encrypt a 2Mb computer file with a one-time pad. You would need a key that is also 2Mb or 2^20 characters long. This limits true one-time pad systems to very specific uses so other encryption systems are more generally used. In block ciphers for example, the key length is much less than the length of the message, but the plaintext message is broken up into small pieces called blocks, and the key encrypts each block. A variety of block ciphers operate in different ways, but as a rule, the smaller the key the less secure any message encrypted with that key will be. Therefore, you need to ensure that you use an adequate length of key and that your key or keys are adequately protected and genuinely random.

• Learn tactics for securing your e-mail systems

• This was last published in September 2005

#### Have a question for an expert?

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

#### Start the conversation

Send me notifications when other members comment.

## SearchCloudSecurity

• ### How enterprises should handle GDPR compliance in the cloud

GDPR compliance in the cloud can be an intimidating concept for some enterprises, but it doesn't have to be. Rob Shapland ...

• ### Compromised cloud credentials still plaguing enterprises

Why are enterprises still struggling with identity and access management in the cloud? Experts at RSA Conference discuss the ...

• ### How TLS mutual authentication for cloud APIs bolsters security

Secure access to cloud APIs is necessary but challenging. One viable option to combat that is TLS mutual authentication, ...

## SearchNetworking

A rare government alert that Russian hackers are targeting routers in the United States and the United Kingdom has security ...

• ### Analyst balks at blockchain distributed ledger in networking

Blockchain distributed ledger technology is untested, unproven and overly complex, making it unsuitable for networking, ...

• ### Network-as-a-service market blossoms as demands grow

The network-as-a-service market is attracting more attention, as enterprises look for ways to outsource some of their ...

## SearchCIO

• ### RSA 2018: Juniper CEO stresses training, automation in cybersecurity

During his RSA Conference keynote, Juniper CEO Rami Rahim encouraged leaders to be "agents of change" that embrace automation in ...

• ### Will the next act in the ongoing evolution of IT be its last?

The evolution of IT keeps on keeping on -- for now. But as technology becomes more integral to the business, the IT department ...

• ### Digital factory strategy needed to support omnipresent IT

Digital factories, framed as a business process re-engineering strategy for our tech-centric economy, reflect how the IT function...

## SearchEnterpriseDesktop

• ### Workflow automation software improves LA court productivity

Court's in session, and the jury is unanimous: Automation software can help IT departments provide simpler workflows for end ...

• ### How to create a custom Windows 10 image for deployment

IT pros can build a Windows 10 image with custom apps, Start menu tools and more that they can easily deliver throughout the ...

• ### Four Windows 10 built-in security features to know

IT needs an effective plan to maximize security for Windows 10 and get the most out of its built-in features.

## SearchCloudComputing

• ### IaaS and PaaS blurred lines increase lock-in risks

There are three distinct cloud service categories: IaaS, PaaS and SaaS. However, IaaS and PaaS are getting a little too close, ...

• ### Single pane of glass for multi-cloud management still elusive

Unified management for multi-cloud remains a work in progress. Vendors have yet to produce the perfect single-pane-of-glass tool ...

• ### Microsoft takes holistic approach to IoT security concerns

Azure Sphere extends security from the cloud to the device. It's the most holistic approach on the market and provides another ...

## ComputerWeekly.com

• ### TechUK calls on government for Climate Change Agreement deadline extension for datacentres

TechUK claim decision to stop new datacentre operators from joining Climate Change Agreement programme from October 2018 could ...

• ### Global cyber crime worth \$1.5tn a year, study reveals

Cyber criminal operations worldwide are generating revenues that equal the GDP of Russia though a web of profit that involves ...

• ### Data protection is critical for all businesses

Companies that misuse data or fall victim to breaches not only risk financial loss, but also reputational damage. There are many ...

Close